OT MOTION CODE™: the security code that is genuinely secure

In mid-May, Banque Populaire and the Caisse d’Epargne, in partnership with Natixis Payment Solutions and Oberthur Technologies (OT), announced a world exclusive, the pilot of the first ever payment card with a dynamic security code: OT MOTION CODE™. For the very first time, the three digit security code printed on the back of the bank card will be replaced by a mini-screen displaying a code that will automatically change at regular intervals. This innovative technology makes online transactions safer, without any changes for the cardholder or the online retailer.

Eric Duforest, Managing Director of the Financial Services Institutions business at OT and Nicolas Chatillon, Head of Development – Payments, Strategic Marketing and Studies – Commercial Banking at BPCE Group took the time to answer our questions.

Eric Duforest:OT MOTION CODE™ is a payment card featuring a mini screen on the front that displays the CVV code (the 3 or 4 digit security code), which is static on traditional cards and used to confirm online payments. With this card, the code changes at regular intervals, every hour, for example. The dynamic code is entered on the merchant site, who submits it to the bank’s authentication server. The server then sorts static and dynamic CVV codes and if a dynamic code is submitted, our software, installed at the bank, checks that the code on the card matches the code on the server, and then confirms or rejects the payment.

Nicolas Chatillon: It’s a real international innovation and we are proud that the Banque Populaire and Caisse d’Epargne are the first banks to try out the technology, soon to be available to their customers. The main advantage is that it does not at all change the way that consumers make purchases online. They pay just as they do today, by entering the usual information such as their name, card number, expiry date, and security code, which is now dynamic.

ED: This is an essential aspect. Payment solutions are always a compromise between a high level of security, deployment costs that are as low as possible, controlled operational costs, and ease of use, to avoid impeding its uptake by consumers. We think that this solution meets these four criteria and here at OT we are delighted that a number of banks have adopted the concept, BPCE in particular. For consumers, it’s very easy: nothing changes. Everything works just as before, they just need to look at the back their card to enter the displayed security code.

What will the card look like?

ED: It is as thin as a normal card. Inside, the card holds a chip, an antenna, a screen, a secure processor, and a battery. Ultimately it has the same format and meets the same security criteria as a traditional card. And the battery is designed to last during the whole card’s lifecycle.

And what does it change for online merchants and the bank?

ED: For the merchant, nothing. They don’t need to update their website with new features or plugins, etc. They receive a CVV and wait for the bank’s approval, just as before.

NC: For the bank, the changes are minimal. They just need to install the OT authentication server that sorts static and dynamic CVV, activates its own algorithm, and authorizes the transaction. There’s no need to create a special ecosystem. It is a highly intelligent, transparent, and fully integrated system, and one that meets the expectations of consumers as well as all payment and e-commerce stakeholders, for greater protection against fraud.

How does it help prevent fraud?

ED: An observation made by all payment providers is that there are usually 10-20 days between the date that card information is stolen and the date that the thief uses it to commit fraud. The idea is to close this window of opportunity by regularly changing the security code on the back of the card. The data becomes obsolete within a matter of minutes if it is stolen. This is the concept behind the card.

NC: Bank cards are still the world’s favorite way to pay, but also the one targeted by fraudsters. What interests us about this new card is its effectiveness at reducing fraud. Between 60-65% of fraud occurs with online payments when shopping on the Internet, and this figure keeps rising. CVV fraud alone accounts for 80% of cases. OT MOTION CODE™ is therefore the perfect protection when hackers obtain card information through phishing, or more usually though malware installed on the consumer’s computer. It is quite rare to have tools to combat fraud that aren’t cumbersome to use.

How does the card meet your customers’ expectations?

NC: The card is designed to enrich the existing range and is fully part of our digital transformation. Today, online banking services are increasingly being accessed from mobiles. Our customers regularly use their smartphones to manage their bank accounts, as well as to shop online, etc. They have high expectations, in particular in terms of fluidity. They want it to be fast, without interference to their shopping experience and without having to change device. To take these new behaviors into account, we need to provide solutions with maximum security and optimal ergonomics.

The card is being piloted with BPCE Group. Who will be affected and what will happen?

NC: The card will be tested by 500 customers in Paris and 500 elsewhere in France. It will be issued free of charge for the duration of the pilot, which will run from autumn 2015 to spring 2016. What matters to us is knowing how our customers feel. We know that the technical solution developed by OT works, but to implement it properly we want to work alongside them as co-developers. We need to understand how it will be received by our customers, and that’s the purpose of the pilot. We will target customers who shop online a lot, and others who do so less. For example, we will see if the latter start to shop online more with OT MOTION CODETM. We are also going to target customers who have been victims of fraud, to see if it leads them to behave differently, if it makes them feel safer, and brings any value. Depending on the results, we will then decide on the right strategy to expand the roll-out of the card.

ED: We are delighted to launch this pilot phase with BPCE. We have spoken to most of our 2000 partner banks around the world, and received an enthusiastic response. We have invested heavily in R&D, and in our industrial capacity, so that the card is ready for mass production. And in light of the feedback, we are confident that it will become a new international standard.